def _rsassa_pss_sign(self, M, h=None, mgf=None, sLen=None):
"""
Implements RSASSA-PSS-SIGN() function described in Sect. 8.1.1 of
RFC 3447.
Input:
M: message to be signed, an octet string
Output:
signature, an octet string of length k, where k is the length in
octets of the RSA modulus n.
On error, None is returned.
"""
# Set default parameters if not provided
if h is None: # By default, sha1
h = "sha1"
if not h in _hashFuncParams:
warning("Key._rsassa_pss_sign(): unknown hash function "
"provided (%s)" % h)
return None
if mgf is None: # use mgf1 with underlying hash function
mgf = lambda x,y: pkcs_mgf1(x, y, h)
if sLen is None: # use Hash output length (A.2.3 of RFC 3447)
hLen = _hashFuncParams[h][0]
sLen = hLen
# 1) EMSA-PSS encoding
modBits = self.modulusLen
k = modBits / 8
EM = pkcs_emsa_pss_encode(M, modBits - 1, h, mgf, sLen)
if EM is None:
warning("Key._rsassa_pss_sign(): unable to encode")
return None
# 2) RSA signature
m = pkcs_os2ip(EM) # 2.a)
s = self._rsasp1(m) # 2.b)
S = pkcs_i2osp(s, k) # 2.c)
return S # 3)
评论列表
文章目录
